[PATCH v2] net/iavf: fix taninted scalar

Zhang, Qi Z qi.z.zhang at intel.com
Thu Nov 10 11:01:31 CET 2022

Previous message (by thread): [PATCH v2] net/iavf: fix taninted scalar
Next message (by thread): [PATCH v5] app/testpmd: fix protocol header display for Rx buffer split
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> From: Steve Yang <stevex.yang at intel.com>
> Sent: Thursday, November 10, 2022 4:31 PM
> To: dev at dpdk.org
> Cc: Wu, Jingjing <jingjing.wu at intel.com>; Xing, Beilei <beilei.xing at intel.com>;
> Yang, SteveX <stevex.yang at intel.com>
> Subject: [PATCH v2] net/iavf: fix taninted scalar
> 
> tainted_data_downcast: Downcasting match_item->meta from void * to
> struct virtchnl_proto_hdrs implies that the data that this pointer points to is
> tainted.
> 
> var_assign_var: Assigning: proto_hdrs = match_item->meta.
> Both are now tainted.
> 
> var_assign_var: Assigning: rss_meta->proto_hdrs = *proto_hdrs. Both are
> now tainted.
> 
> Passing tainted expression "rss_meta->proto_hdrs.count" to
> "iavf_refine_proto_hdrs", which uses it as a loop boundary.
> 
> Removed temporary variable 'proto_hdrs', and copied whole memory of
> match_item meta with exact structure size to avoid data downcast.
> 
> Coverity issue: 381131
> 
> Fixes: 91f27b2e39ab ("net/iavf: refactor RSS")
> 
> Signed-off-by: Steve Yang <stevex.yang at intel.com>

Acked-by: Qi Zhang <qi.z.zhang at intel.com>

Applied to dpdk-next-net-intel.

Thanks
Qi

Previous message (by thread): [PATCH v2] net/iavf: fix taninted scalar
Next message (by thread): [PATCH v5] app/testpmd: fix protocol header display for Rx buffer split
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list